This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP Autumn of Code 2006 - Projects: Web Goat - Progress"
Revision as of 12:16, 26 May 2009
Project Main Page
Lessons to be Implemented:
- DOM Injection - Done
- XML Injection - Done
- XMLRPC Attacks - Replaced by JSON Injection - Done
- Silent Transactional Authorizational Attacks - Done
- HTTP Splitting - Done
- Log Spoofing - Done
- Cache Poisoning - Done
- Cross-Site Request Forgery (CSRF) - Done
- Back Doors - Done
- XPATH Injection - Done
- Buffer Overflow - Will be taken care of by Bruce
- How to Perform Parameter Injection - Replaced by How to Add a new lesson lesson - Done
- Forced Browsing - Done
- Manual and Installation Guide: Done
Daily Notes
Week 01 - Oct 08
- Checked out the source code.
- Built the project from scratch
- Got the environment ready
- Added a skeleton for Http Splitting lesson
- Worked on updating the project page
- Finished working on the HTTP Splitting lesson and committed the code.
- Started investigating the CSRF (Cross-Site Request Forgery) attacks.
Week 02 - Oct 15
Week 03 - Oct 22
- Finished working on Cross-Site Request Forgery Attacks.
Week 04 - Oct 29
- Continued working on Log Spoofing lesson.
- Finished working on Log Spoofing lesson.
- Started working on Parameter Injection and Forced Browsing lessons
Week 05 - Nov 05
- Finished and submitted Log Spoofing lesson
- Finished and submitted Forced Browsing lesson.
Week 06 - Nov 12
- Added How to add a new lesson lesson.
- Started working on the AJAX-specific lessons
Week 07 - Nov 19
- Worked on XML injection attacks
- Started working on DOM injection attacks
Week 08 - Nov 26
Week 09 - Dec 03
- Started working on integrating WebGoat to OSG.
- Got OSG working locally.
- Started working on a filter for the requests that can be enabled or disabled using the config file (web.xml).
- Started working on the first AJAX lesson: DOM Injection.
Week 10 - Dec 10
- Finished working on a Tomcat connector to OSG.
- Finished working on DOM Injection lesson
Week 11 - Dec 17
- Worked on cache poisoning
- Worked on XML Injections
- Added gratifications to HTTP Splitting
Week 12 - Dec 24
- Finished XML Injections
- Finished working on Cache Poisoning
- Added a hint for the user per Jeff's comments.
- Working on JSON injection
Week 13 - Dec 30
- Finished SQL Backdoors attacks
- Finished JSON Injection